Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '4142215y8d' = '%HOMEPATH%\4142215y8d\w3j59b4192.vbs'
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- скрытых файлов
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFolderOptions' = '00000001'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- '%HOMEPATH%\4142215y8d\YahooUpdater.com' EIRxOXvn.PJB
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\4142215y8d\3ral68977i8e.cmd
- %HOMEPATH%\4142215y8d\w3j59b4192.vbs
- %HOMEPATH%\4142215y8d\run.vbs
- %HOMEPATH%\4142215y8d\hJIPRrdZ.JCB
- %HOMEPATH%\4142215y8d\JGpxLxdXuiQd.MNP
- %HOMEPATH%\4142215y8d\YahooUpdater.com
- %HOMEPATH%\4142215y8d\EIRxOXvn.PJB
- %HOMEPATH%\4142215y8d\w3j59b4192.vbs
- %HOMEPATH%\4142215y8d\3ral68977i8e.cmd
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- %HOMEPATH%\4142215y8d\hJIPRrdZ.JCB
- %HOMEPATH%\4142215y8d\JGpxLxdXuiQd.MNP
- %HOMEPATH%\4142215y8d\YahooUpdater.com
- %HOMEPATH%\4142215y8d\EIRxOXvn.PJB
- 'ma######unmonkey.zapto.org':1604
- DNS ASK ma######unmonkey.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''